There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Storwize V7000 Unified. These issues were disclosed as part of the IBM Java SDK updates in January 2015.
CVE(s): ...

SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in TS3400.
CVE(s): CVE-2014-3566
Affected product(s) and affected version(s):
Firmware...

A fix is available for IBM SONAS, for the security issue that an attacker could execute arbitrary code on the system by exploiting a vulnerability in RPM
CVE(s): CVE-2013-6435
Affected product(s) and affected version(s):...

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 1.7.0.8 that is used by Client Management Services. These issues were disclosed as part of the IBM Java SDK updates in January 2015.
...

An attacker could gain privileged access to SONAS system by exploiting a vulnerability in Samba.
CVE(s): CVE-2013-4408 and CVE-2012-6105
Affected product(s) and affected version(s):
SONAS V1.3.0.0 to V1.4.2.1.
Refer to...

SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in TS3100/TS3200.
CVE(s): CVE-2014-3566
Affected product(s) and affected version(s):
...

There are security vulnerabilities in SSLv3 that is used by SAN Volume Controller and Storwize Family. In addition, OpenSSL vulnerabilities along with SSL 3 Fallback protection (TLS_FALLBACK_SCSV) were disclosed on October 15, 2014 by the OpenSSL Project....

There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issue was disclosed as part of the IBM Java SDK updates in Jan 2015.
...

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 1.7.0.8 that is used by Client Management Services. These issues were disclosed as part of the IBM Java SDK updates in January 2015.
...

Multiple security vulnerabilities (as listed below) have been identified in the IBM® SDK, Java™ Technology Edition, embedded within the IBM Virtualization Engine TS7700 microcode image. These issues were disclosed as part of the IBM Java SDK updates...

Start a Blog

Starting a Blog
Blogs are online journals that you can use to share information, News and views. Within the ibm.com Connections community, all blogs (EXCEPT private Community Blogs) are public and they are indexed in Google. A blog can have multiple authors and a blog owner can add others as authors and enable moderation to review and approve entries and comments before they are published. An IBM ID is required to post blog entries and comments. If you do not have an IBM ID, register now.Who can own a blog?
Only an IBM regular employee can start a blog. The IBM blog owner can add IBM employees or non-IBM employees (business partners, clients, contractors, vendors) as authors. All blog owners and authors must comply with thecontent owner responsibilities. The IBM blog owner must ensure that all content contributors to his/her blog are aware of the responsibilities referenced above.
(IBM employees: You are required to review this Social computing education module before proceeding.)
Terms of Use
When contributing content (including, but not limited to text, images, links, videos), you must comply with the ibm.com Connections Terms of Use.br>
By clicking Continue, you agree to these ibm.com Connections Terms of Use.